Marketplace finds out why outbreaks of E. coli keep happening with romaine lettuce — and meets a B.C. family whose young son was sickened, and will never be the same.
Cyber Security Today, April 14, 2021 – More bugs in Microsoft Exchange, cybersecurity training questioned, and Amazon bomb threat foiled.
More bugs in Microsoft Exchange, cybersecurity training effectiveness questioned and Amazon bomb threat foiled. Welcome to Cyber Security Today. It’s Wednesday, April 14. I’m Howard Solomon, contributing reporter on cybersecurity for ITWorldCanada.com. More serious vulnerabilities in on-premise versions of Microsoft Exchange Server have been found. The discovery was announced yesterday as part of the monthly…
More bugs in Microsoft Exchange, cybersecurity training effectiveness questioned and Amazon bomb threat foiled.
Welcome to Cyber Security Today. It’s Wednesday, April 14. I’m Howard Solomon, contributing reporter on cybersecurity for ITWorldCanada.com.
More serious vulnerabilities in on-premise versions of Microsoft Exchange Server have been found. The discovery was announced yesterday as part of the monthly Microsoft Patch Tuesday security update releases. The patches need to be applied as soon as possible to Exchange versions 2013, 2016 and 2019. According to news reports some of the vulnerabilities were found by the U.S. National Security Agency. This comes after last month Microsoft reported that a Chinese-based threat actor and others are exploiting bugs to get into on-premise Exchange email accounts. The patches released yesterday also fix holes in Windows, the Edge browser, Office and other Microsoft products. At the same time Adobe released fixes for Photoshop, Bridge and other applications.
UPDATE: The U.S. Justice Department said Tuesday it is getting court orders to remove web shells installed earlier this year on hundreds of on-prem Exchange servers without getting permission of owners. The unprecedented move is aimed at cleaning up Exchange servers of organizations and individuals who are having trouble and aren’t moving as fast as others in the U.S. Web shells are used for remote access. “This operation removed one early hacking group’s remaining web shells which could have been used to maintain and escalate persistent, unauthorized access to U.S. networks,” the Justice Department said. “The FBI conducted the removal by issuing a command through the web shell to the server, which was designed to cause the server to delete only the web shell (identified by its unique file path).”
How effective is cybersecurity training for employees? Not very, if a survey conducted by a learning management systems company is accurate. The company, TalentLMS, surveyed 1,200 American workers, of which 69 per cent had taken some sort of cybersecurity training. Of them, 61 per cent failed to get at least four of seven multiple-choice questions right about security. Fewer than one per cent got all seven questions correct. The biggest group, 24 per cent, got four of seven right. Interestingly, those who worked in the IT field were the worse performers – only 17 per cent passed the quiz. The best performers were in the healthcare and social assistance fields. One lesson, says the company that sponsored the research: To be effective cybersecurity training has to be fun, hands-on and use real-life examples.
Last week a Texas man was arrested for plotting to blow up an Amazon data centre in Virginia. The FBI says his goal was to bring down 70 per cent of the Internet. Coming after a fire last month that destroyed an OVH data centre in France and knocked out major websites, how much damage could the bomber have caused? Some, experts told SC Magazine this week, but it wouldn’t have crippled the internet. There might have been reduced capacity, said one. But another noted that because Amazon spreads compute loads between multiple locations a local crisis wouldn’t spread too far. Destroying one location of a big internet provider won’t break the internet. The fire in France showed that. But IT departments should remember software bugs, power failures, network loss and misconfigurations can happen at the best of data centres. So have data backed up in several locations. And if your operation depends on round-the-clock availability, have multiple internet providers.
I often remind people who download smartphone apps to to be careful. Just because an app is in the Google or Apple store doesn’t mean its safe. Crooked developers keep trying to evade detection. The latest examples are bad Android apps found by security firm McAfee in the Google Play store. They pretend to be helpful utilities that scan your device and tell you when updates to Chrome, WhatsApp, a PDF reader or other apps are available. Instead, they install fake updates that take over a smartphone or tablet and download malware to steal bank passwords. They go by names like PrivacyTitan, SecureShield and DefenseScreen. These have been removed by Google.
Here’s some advice: First, you don’t need an app to help search for Android app updates. If you go to the Google store a couple of times a week, tap on ‘My Apps & Games’ and it automatically finds available updates. Second, be careful when an Android app asks for permission to use accessibility services. Any app that has full access to this can take over your device. And before choosing an app check the developer information to see if its legit. Ask your friends if they’ve used the app and trust it.
That’s it for now.
Follow Cyber Security Today on Apple Podcasts, Google Podcasts or add us to your Flash Briefing on your smart speaker.
Canada’s first LGBTQ2S+ IT-focused celebration launches during Pride Week
For the first time in Canada, the IT accomplishments and talent in Canada’s Lesbian, Gay, Bisexual, Transgender, Queer/Questioning, Two-Spirit (LGBTQ2S+) community will be showcased and celebrated during a special 100-minute conference produced by ITWC, the nation’s largest producer of content for the IT community. “This is a chance to highlight the importance of diversity and…
For the first time in Canada, the IT accomplishments and talent in Canada’s Lesbian, Gay, Bisexual, Transgender, Queer/Questioning, Two-Spirit (LGBTQ2S+) community will be showcased and celebrated during a special 100-minute conference produced by ITWC, the nation’s largest producer of content for the IT community.
“This is a chance to highlight the importance of diversity and explore its impact in the larger technology community,” says ITWC CEO Fawn Annan. “In many places, the IT space is recognized as safe and inclusive, and we want to celebrate that. “
The LGBTQ2S+ Voices in IT celebration will take place on June 23, 2021 during Pride Week. Presented by ITWC in collaboration with the Healthcare of Ontario Pension Plan (HOOPP), the 100-minute event will include a keynote presentation, a panel discussion on the importance of building diverse teams, and a collection of individual stories solicited from across Canada that speak to the LGBTQ2S+ journey in the IT workplace. Small group breakout sessions will allow attendees to share their views on a variety of subjects.
“At HOOPP, we are thrilled to have helped create Canada’s first national LGBTQ2S+ celebration focused on IT professionals as part of our broad commitment to equity, diversity and inclusion,” said Reno Bugiardini, Senior Vice-president of IT and facilities services. “We look forward to hearing the stories, participating in panel discussions, and taking the time to celebrate the many achievements and impacts made by our LGBTQ2S+ colleagues across Canada.”
We want your storiesStories submitted by members of the LGBTQ2S+ community will be foundational to the success of the conference. ITWC invites anyone with a personal story celebrating diversity and inclusion to reach out to us at email@example.com.
Individuals can submit testimonials, videos or photos that are illustrative of event themes. Where the opportunity exists, ITWC will arrange to record reflections on video conference platforms. Submissions will be accepted until May 24 and may be displayed on the conference platform.
Our support system The conference is also supported by Pride at Work and the CIO Association of Canada (CIOCAN). This event is an opportunity to celebrate diversity and learn about the LGBTQ2S+ ecosystem, the LGBTQ2S+ advantage, sustainable LGBTQ2S+ development, and leading-edge initiatives for attracting and retaining LGBTQ2S+ in IT.
Hashtag Trending, April 14, 2021 – Salesforce’s return to the office underway; US senator takes on big tech; Taco Bell store goes fully digital
Salesforce welcomes vaccinated employees back into the office, US senator Josh Hawley wants to ban companies worth over $100 billion from merging or acquiring other companies, and Taco Bell is opening its first fully digital location in Times Square. It’s all the tech news that’s popular right now. Welcome to Hashtag Trending! It’s Wednesday, April…
Salesforce welcomes vaccinated employees back into the office, US senator Josh Hawley wants to ban companies worth over $100 billion from merging or acquiring other companies, and Taco Bell is opening its first fully digital location in Times Square.
It’s all the tech news that’s popular right now. Welcome to Hashtag Trending! It’s Wednesday, April 14 and I’m your host Baneet Braich.
Salesforce is welcoming those who have been vaccinated back into the office. This makes the cloud-based software one of the first major U.S. corporations to give vaccinated workers preferential treatment over those who have not taken the shot. Vaccinated employees can “volunteer” to be part of 100 or fewer workers to return to each of its offices but they have to have onsite COVID-19 tests twice a week. Back in February, Salesforce said some employees can work remotely through this year while others would be office-based or able to work onsite for a few days a week. [LinkedIn]
US senator proposes banning acquisitions by Big Tech. Josh Hawley wants to ban companies with a market value of $100 billion from acquiring or merging with other companies. from technology
U.S. senator Josh Hawley wants to ban companies with a market value of $100 billion from acquiring or merging with other companies. This would impact giants like Apple, Amazon, Facebook, Google and Microsoft. The antitrust bill references an alleged anti-conservative bias. Hawley says a small group of progressive mega-corporations control the products Americans can buy, the information Americans can receive and the speech Americans can engage in. It also calls attention to how big mergers can chock off competition from smaller players in Silicon Valley. Hawley says antitrust claims should be filed with no debate on the definition of a specific market. He referred to Instagram and Facebook there and also said any merger action by Amazon and Google would also be banned by the bill.
Taco Bell to open first digital-only U.S. location in Times Square from technology
Taco Bell has opened its first fully digital location in the US in Times Square. Now customers will have to place a digital order ahead of their visit or use one of the 10 self-order kiosks inside the restaurant. The change is to prevent employees from becoming overwhelmed in one of its busiest locations. The digital-only model of restaurants is gradually increasing as other restaurant chains, like Starbucks and Chipotle Mexican Grill have joined the transition.
That’s all the tech news that’s trending right now. Hashtag Trending is a part of the ITWC Podcast network. Add us to your Alexa Flash Briefing or your Google Home daily briefing. Make sure to sign up for our Daily IT Wire Newsletter to get all the news that matters directly in your inbox every day. I’m Alex Coop, thanks for listening!
Business20 hours ago
Aya hits 2,728 g/t silver over 6.0 metres at Zgounder mine
Canadian7 hours ago
N.L. Premier Andrew Furey offers help to Ontario as it faces rising COVID-19 cases
Canadian7 hours ago
Canada just had its worst week ever for new COVID-19 cases
Business20 hours ago
Beauce Gold Fields Megantic Overburden Sample Returns 10 Grams Per Ton Gold in the Vicinity of the Bella Fault Line
Business20 hours ago
Saint Jean receives approval to acquire battery company
Business20 hours ago
Galiano Gold produces 59,999 oz gold in Q1 at Asanko mine
Canadian19 hours ago
Ontario should allow every resident to pre-register for COVID-19 vaccine, group says
National7 hours ago
Media Advisory – Lower Post, British Columbia